diff --git a/build/sites/00-redirectHTTPS.conf.disabled b/build/sites/00-redirectHTTPS.conf.disabled deleted file mode 100644 index e47200d..0000000 --- a/build/sites/00-redirectHTTPS.conf.disabled +++ /dev/null @@ -1,22 +0,0 @@ -### redirect to secure site - -server { - listen 80; - server_name default_server; - - # redirect to properly formed HTTPS location - location / { - return 301 https://$host$request_uri; - } - - # process Let's Encrypt challenges - location ^~ /.well-known/acme-challenge { - # log requests for security reasons - access_log /var/log/nginx/LetsEncrypt_access.log main; - error_log /var/log/nginx/LetsEncrypt_error.log warn; - - default_type text/plain; - root /usr/share/nginx/html/letsencrypt; - autoindex on; - } -} diff --git a/build/sites/05-test_secured.conf.disabled b/build/sites/05-test_secured.conf.disabled index bef6fd2..309659f 100644 --- a/build/sites/05-test_secured.conf.disabled +++ b/build/sites/05-test_secured.conf.disabled @@ -1,9 +1,32 @@ ### UNsecured test page server { - listen 443; + listen 80; include /etc/nginx/server_names.conf; + # default redirect to properly formed HTTPS location + location / { + return 301 https://$host$request_uri; + } + + # process Let's Encrypt challenges + location ^~ /.well-known/acme-challenge { + # log requests for security reasons + access_log /var/log/nginx/LetsEncrypt_access.log main; + error_log /var/log/nginx/LetsEncrypt_error.log warn; + + default_type text/plain; + root /usr/share/nginx/html/letsencrypt; + autoindex on; + } + +server { + listen 443 ssl https2; + include /etc/nginx/server_names.conf; + + # ssl certificates + include /etc/nginx/ssl_certs.conf; + location / { try_files $uri $uri/ =404; }